How many of our colleagues use their own personal devices for business purposes? Now, here’s the burning question. How many employers are aware that they are using those devices? Employees using personal devices at work are part of a growing revolution known as the consumerization of IT, or bring your own technology (BYOT). According to a recent Unisys-IDC study, workers reported that they are using smart phones, laptops and mobile phones in the workplace at nearly twice the rate reported by employers. This disconnect between what workers are doing and what IT leaders believe is happening is echoed in a recent survey of IT security professionals which highlighted the security and management threats posed by the growing use of personal devices like smart phones on corporate networks. About 40 percent of IT security decision makers in the Cisco-sponsored survey said they had experienced a breach or loss of information due to an unsupported network device. So what’s an IT organization t

I recently gave a workshop outlining the basic ideas and steps needed to design and implement ITSM processes. During the workshop we discussed the importance of knowing the maturity level of your processes. You determine the maturity of your processes by conducting a maturity assessment. Using a maturity assessment model will allow you to know where your processes currently reside in terms of usability, effectiveness, efficiency and economy. You can also determine what level of maturity you want your processes to achieve as a future state. Finally a maturity assessment will show you what steps you need to take to close the gap between your “as is” process and your “to be” future state. There are three maturity assessment models you might think about using. Capability Maturity Model Integration (CMMI), ISO/IEC 15504 and the ITIL Process Maturity Framework (PMF). All three use a multi-level approach to identify the maturity of your processes. Each also uses a set of assessment criteria

I was recently asked a very thought provoking question about the importance of social networking to knowledge management? Social networking is having a wide and varied impact on ITSM as a whole. As with all new and emerging technologies,  organizations must develop strategies on how social networking will be incorporated into their environment. Policies must be established that define what will and will not be allowed in the corporate arena. Within the knowledge management process,  many organizations are embracing the use of social networking technologies but doing so with caution. Once knowledge is posted on the web, it can take on a life of it’s own. There must be internal security policies that insure that proprietry knowledge does not become available to the public. These policies should address the appropriate use of the technology as well as appropriate staff behavior.  Policies and procedures should also be defined for filtering, validating and controlling any knowledge tha

I have been asked by many students, how do you move from that role as the fire fighter resolving incidents to the role of being able to prevent them from occurring in the first place? Much of this has to do with good design and a strong proactive problem management process, but a solid event management process is an excellent offensive weapon in the prevention of impacting incidents in your environment. Event Management is the process that gives IT the ability to detect events, make sense of them and determine the appropriate control action. It is the basis for our operational monitoring and control. This gives us a way to compare actual performance against what was designed and written in SLAs. What is perfect about event management is that we can apply it to any aspect of our environment from delivery of a service, monitoring an individual CI, environmental conditions to software license usage. In conjunction with the other Service Management processes, along with both passive an

In order for IT organizations to be successful, we must align ourselves with our business partners. Business and customer requirements must drive service and process continual improvement activities. As a service provider, we must ask ourselves if we really understand our customer’s needs and expectations. When was the last time we checked with our business to determime if we are delivering value? When was the last time you asked the business, “How are we doing”? One of the gathering techniques we learn in the Certified Process Design Engineering (CPDE) course is how to conduct a needs assessment. Here are the steps for conducting a successful assessment: 2 to 4 weeks prior to the assessment: Establish a high-level interview schedule Identify interview participants Develop a detailed interview schedule Contact each participant to determine availability Develop a list of interview questions/solicit feedback Refine your list of interview questions  1 to 2 weeks prior to the ass

I often get asked what goes into a Process Definition Document (PDD).  Certified Process Design Engineers (CPDE) learn that PDDs should  include: Policies A process overview Roles and Responsibilities Process Maps Activities Vocabulary Policies Policies specific to a process should be included in the Process Definition Document.  A policy is a formal document that describes the overall intentions and direction of a service provider, as expressed by senior management. Company policies are used to guide actions toward a specific outcome. They must be specific, measurable and underpinned by the process.  Overview The overview section contains the process description, objectives, goals, owner boundaries, triggers, supplier data, inputs, high level activities, outputs, customers and metrics. Roles and Responsibilities Roles and responsibilities define and describe the active participants in the process, including the process owner, process manager, suppliers, customers and sta

I was asked recently how Certified Process Design Engineer® (CPDE) and Six Sigma might work together. I was also asked to clarify the value of holding a Certified Process Design Engineer® certification. To deal with these questions we must first clarify the difference between CPDE® and Six Sigma. First CPDE® is a role and a set of methods and approaches for that role to use in defining, designing and implementing strong IT Service Management processes. Six Sigma is a quality framework based on the work of men like W. Edwards Deming, Joseph Juran and Philip Crosby (the Big Three of the quality movement) and developed out of Motorola’s efforts to improve quality. The two are not at odds, rather they complement each other. A CPDE has the skills to look at an organization, understand its culture, its approach to process and quality and its need for improvement. Once this assessment is done (using tools like the ITIL Process Maturity Framework, or CMMI) the CPDE would identify which el